| Updated February 21 |
Schedule
| Date | Topic | Reading and assignments | Notes |
| Jan 17 | Course logistics and introduction |
Read Kaufman 1.5 Start reading Smashing the stack for fun and profit |
[ppt] [pdf] |
| Jan 19 | "Memento" - guest lecture by Suman Jana |
||
| Jan 24 | Passwords, security questions, challenge-response | Read Kaufman 9.1-2, 10, 11.1-2, and 12.2 |
[ppt] [pdf] |
| Jan 26 | Bypassing antivirus scanners - guest lecture by Suman Jana |
||
| Jan 31 | Cryptographic hash functions | Read Kaufman 5.1-2 and 5.6-7 |
[ppt] [pdf] |
| Feb 2 | Biometrics |
[ppt] [pdf] |
|
| Feb 7 | Phishing |
[ppt] [pdf] |
|
| Feb 9 | Cookies and Web session management | Read Kaufman 25 and Dos and don'ts of client authentication |
[ppt] [pdf] |
| Feb 14 | JavaScript and same origin policy |
[ppt] [pdf] |
|
| Feb 16 | Clickjacking and cross-site request forgery |
Homework 1 due Read Next generation clickjacking and Cross-site request forgeries: exploitation and prevention |
[ppt] [pdf] |
| Feb 21 | SQL injection and cross-site scripting | Read Advanced SQL injection and Cross site scripting explained | see above |
| Feb 23 | Symmetric encryption | Read Kaufman 2.1-4 and 4.2 | |
| Feb 28 | Kerberos | Read Kaufman 13 and 14, and Designing an authentication system | |
| Mar 1 |
Stream ciphers Attacks on 802.11b/WEP, CSS, MIFARE |
||
| Mar 6 | Attacks on TCP/IP, DNS, BGP Denial of service |
Project 1 due Read SYN cookies, IP spoofing demystified, It's the end of the cache as we know it |
|
| Mar 8 | Midterm |